CVE-2022-34888
30.01.2023, 22:15
The Remote Mount feature can potentially be abused by valid, authenticated users to make connections to internal services that may not normally be accessible to users. Internal service access controls, as applicable, remain in effect.Enginsight
| Vendor | Product | Version |
|---|---|---|
| lenovo | thinkagile_vx3331_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_hx_enclosure_certified_node_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_hx1021_firmware | 𝑥 < 3.60_tei386m |
| lenovo | thinkagile_hx1320_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx1321_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx1520-r_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx1521-r_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx2320-e_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx2321_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx2720-e_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_hx3320_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx3321_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx3375_firmware | 𝑥 < 4.10_d8bt38l |
| lenovo | thinkagile_hx3376_firmware | 𝑥 < 4.10_d8bt38l |
| lenovo | thinkagile_hx3520-g_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx3521-g_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx3720_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_hx3721_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_hx5520_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx5520-c_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx5521_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx5521-c_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx7520_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx7521_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_hx7820_firmware | 𝑥 < 2.50_psi346l |
| lenovo | thinkagile_hx7821_firmware | 𝑥 < 2.50_psi346l |
| lenovo | thinkagile_mx1020_firmware | 𝑥 ≤ 3.60_tei386m |
| lenovo | thinkagile_mx3330-f_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx3330-h_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx3331-f_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx3331-h_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx3530_f_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx3530-h_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx3531-f_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx3531_h_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_mx1021_firmware | 𝑥 < 3.60_tei386m |
| lenovo | thinkagile_vx_1se_certified_node_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_vx_2u4n_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_vx_4u_firmware | 𝑥 < 2.50_psi346l |
| lenovo | thinkagile_vx1320_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_vx2320_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_vx2330_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_vx3320_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_vx3330_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_vx3520-g_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_vx3530-g_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_vx3720_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinkagile_vx5520_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_vx5530_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_vx7320_n_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_vx7330_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_vx7520_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_vx7520_n_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinkagile_vx7530_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_vx7531_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinkagile_vx7820_firmware | 𝑥 < 2.50_psi346l |
| lenovo | thinkedge_se450_firmware | 𝑥 < 1.10_usx304w |
| lenovo | thinkstation_p920_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_sd530_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sd630_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_sd650_dwc_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sd650_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_sd650-n_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_se350_firmware | 𝑥 < 3.60_tei386m |
| lenovo | thinksystem_sn550_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sn550_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_sn850_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sr150_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sr158_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sr250_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sr250_v2_firmware | 𝑥 < 1.96_tgbt34x |
| lenovo | thinksystem_sr258_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sr258_v2_firmware | 𝑥 < 1.96_tgbt34x |
| lenovo | thinksystem_sr530_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_sr550_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_sr570_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_sr590_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_sr630_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_sr630_v2_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinksystem_sr645_firmware | 𝑥 < 4.10_d8bt38l |
| lenovo | thinksystem_sr650_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_sr650_v2_firmware | 𝑥 < 1.80_afbt20n |
| lenovo | thinksystem_sr665_firmware | 𝑥 < 4.10_d8bt38l |
| lenovo | thinksystem_sr670_firmware | 𝑥 < 3.60_tei386m |
| lenovo | thinksystem_sr670_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_sr850_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sr850_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_sr850p_firmware | 𝑥 < 3.60_tei386m |
| lenovo | thinksystem_sr860_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_sr860_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_sr950_firmware | 𝑥 < 2.50_psi346l |
| lenovo | thinksystem_st250_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_st250_v2_firmware | 𝑥 < 1.96_tgbt34x |
| lenovo | thinksystem_st258_firmware | 𝑥 < 5.20_tei3c8m |
| lenovo | thinksystem_st258_v2_firmware | 𝑥 < 1.96_tgbt34x |
| lenovo | thinksystem_st550_firmware | 𝑥 < 8.40-cdi394n |
| lenovo | thinksystem_st650_v2_firmware | 𝑥 < 2.00_tgbt36o |
| lenovo | thinksystem_st658_v2_firmware | 𝑥 < 2.00_tgbt36o |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-184 - Incomplete List of Disallowed InputsThe product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete, leading to resultant weaknesses.
- CWE-697 - Incorrect ComparisonThe software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.